Firm scrambles to patch vBulletin software flaw (1 Viewer)

[dutchman]

A serious flaw in software widely used to power online discussion sites could allow hackers to harvest reams of personal data, the BBC has learned.

The flaw in a specific version of the vBulletin software allows anyone to easily access the main administrator username and password for a site.

This would also allow hackers to access data, such as e-mail addresses, and edit the site at will.

The owner of the program - Internet Brands - released a fix on 21 July.
However, at time of writing, many sites remain vulnerable.

The BBC was alerted to the problem by Stuart Wright of audio visual reviews site AV forums, which uses the software for its discussion boards, before the patch was released.

Full story here: http://www.bbc.co.uk/news/technology-10714192

 

---

[Nick]

I had better get to work

 

[Nick]

Ahhh this is using the old version of vBulletin, this is rolling on Version 4 but in all honesty I am not sure if I like it as much looks wise

 

[dutchman]

Ahhh this is using the old version of vBulletin, this is rolling on Version 4

That's what I thought but the article is so poorly written it suggests the latest version is most affected. Am using PHPBB3 myself so not too familar with vBulletin.